POST to a form that POSTS to another form

Question

From an external site, I need to present a form that POSTS data to secure.domain.com/index.php. Inside of index.php, I fill some hidden fields which in turn need to be posted to secure.domain.com/foo/index.php. I also set some session variables.

The reason for this is a temporary redirect while I finish building a user portal which will live at secure.domain.com/. In a couple of weeks, I will just need to post data to secure.domain.com/index.php

For now, however, I need to try and automatically log people in to what lies in secure.domain.com/foo/. I can't just change the target for the forms on various sites.

How might I accomplish this with PHP? Right now, I'm just presenting a "Click here to complete login" submit button on secure.domain.com/index.php , I'm hoping to get rid of that button.

Plan B is to put a captcha above the button and tell management that the quirk is by design for human verification purposes, since there was no room for one on the external site forms. I'd rather not do that.

Edit:

Thanks for all of the answers. It seems like there is no way to do this only using PHP. Internal users will be using thin clients with a very strict pre configured noscript plug-in, they can just deal with the button for a couple of weeks.

Answer 1

You can do this with cURL...

Example:

$ch = curl_init(); // initialize curl handle
$url = "http://www.mydomain.com/test.php"; // URL to calc.cgi
curl_setopt($ch, CURLOPT_URL,$url); // set url to post to
curl_setopt($ch, CURLOPT_FAILONERROR, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 10); // times out after 10s
curl_setopt($ch, CURLOPT_POST, 1); // set POST method
curl_setopt($ch, CURLOPT_POSTFIELDS, "text=hi&name=fortega"); // fields to POST to calc.cgi
$data = curl_exec($ch); // run the whole process
curl_close($ch);

Answer 2

You can do an ajax post of your first form that will populate a second hidden form. Then add a javascript callback on your the second form completion that will do yoursecondform.submit();

Answer 3

If you don't want to use CURL:

http://www.sajithmr.me/php-post-without-curl/

Answer 4

What you would need it to be able to do an HTTP redirection and include the POST data in it, but this is, as far as I know, impossible.

However, there is a simple solution : auto-submit your current form using JavaScript. Just display a message like "Please wait while being redirected", hide all forms/buttons and submit it on page load (example in jQuery) :

<script type='text/javascript'>
    $(function() {
        $('#yourHiddenForm').submit();
    });
</script>

As said in other answers, make sure that you keep your current button in a <noscript> tag for users that have JavaScript disabled.

You could think of other solutions, like copying all POST data and doing a GET request to your second form, or storing all data in a temporary table, transmitting an ID to your second form, and load the corresponding data there, but I guess this implies modifying your second form and is not really acceptable.

Answer 5

You could automatically post the second form using JavaScript:

<script>document.forms[0].submit()</script>

This is the simplest method I can think of but I'm not an expert web guy ;)

You should also keep your current button and wrap a <noscript> around it for users with JavaScript disabled.

Edit: if you are using JQuery, Wookai's answer would be a better solution. But keep the noscript button.